Hosting Provided By

Re: project

From: David Pick <d.m.pick(at)qmul.ac.uk>
Date: Wed Apr 30 2003 - 12:36:55 EDT

> I mean I have captured data using Tcpdump (i.e. raw data), how to I

You'll not only need to reassemble the packet streams, you'll also need to know what protocol was used to transport the higher-level data. For example, was the data flowing over a "connection" to a file server? if so you'll need to work out which protocol was used (NFS, CIFS, NCP, something else...). Or if it was carried by EMail you'll need to extrace the message text from the SMTP (or POP or IMAP) protocol information and then (perhaps) extract individual attachments from the message, and then reverse the Base64 encoding (or whichever it was) and then...

-- 
	David Pick


---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------

Received on Wed Apr 30 17:40:41 2003

This message: [ Message body ]
Next message: Ido Dubrawsky: "Re: project"
Previous message: raymond: "WebService pentest tool"
In reply to ashwini ajjappa: "project"
Next in thread: Rob Shein: "RE: project"
Reply: Rob Shein: "RE: project"
Reply: Alex Lambert: "Re: project"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:35 EDT